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REMARKS/ARGUMENTS 

Claims 1-27 stand rejected in the outstanding Official Action. Claims 1, 11, 17 and 20 
have been amended and therefore claims 1-27 remain in this application. 

The Examiner's acknowledgment of acceptance of the previously filed formal drawings 
is very much appreciated. Additionally, the Examiner's consideration of the prior art submitted 
with Applicants' Information Disclosure Statement is appreciated. 

Claims 1-5, 7-15, 17-24, 26 and 27 stand rejected under 35 USC §102 as being 
anticipated by Esbensen (U.S. Patent 5,796,942). Applicants' independent claim 1, as well as 
claims 11, 17 and 20, all reference a "network bridge" which, as defined in Applicants' 
specification, is a known structure to those of ordinary skill in the art to be used to "effectively 
isolate different portions of a network segment to reduce the occurrence of data collisions upon 
the network segments" (page 3, lines 25-27) and "provides a mechanism by which access may be 
gained to the network traffic on that segment in order to allow malware scanning to be 
performed" (page 4, lines 2-4). 

Applicants also include three definitions of "bridge" (meaning "network bridge") taken 
from various internet dictionaries, which also confirm that a network bridge is a device that 
"governs the flow of traffic between networks or network segments . . ." (definitions attached as 
Exhibits 1, 2 and 3). Applicants also attach a copy of RFC 1286 which is a Request For 
Comments which, despite its name, defines the technical standards in use on the internet, 
defining the way in which protocols operate. While RFC 1286 is attached, the entire archive can 
be found at http://www.faqs.org\ . It is noted that RFC 1286 does not actually define a bridge, 
but the definition can be inferred from the other discussions contained in the definition of the 
bridge management protocol. It is noted that section 4 (the Overview) also defines that a bridge 
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is a "device . . . used to connect local area network segments below the network layer." It is to 
be noted that on the front page of RFC 1286 there is an indication that this is a document that 
was prepared in December 1991, long prior to the filing of Applicants' present patent 
application. 

One characteristics of network bridges is that they operate at a level where they do not 
need configuration in terms of things like IP addresses, etc., and yet can block traffic between 
networks or network segments. A network bridge requires definitive action to pass data from 
one side to another and, if deactivated, allows no traffic to pass. 

Applicants' independent claim 1 specifies a "network bridge" and adds the additional 
limitation that that bridge includes a "malware scanner." Independent claim 1 1 defines the 
details of a network bridge and the structures for forwarding data packets to a malware scanner 
for scanning and then forwarding data after the scanning to the data's intended recipient. Similar 
language is used in independent claims 17 and 20. Conrmion amongst all independent claims is 
the requirement of a "network bridge" as defined not only in Applicants' specification, but in a 
manner consistent with existing definitions of the term and the earlier definition of the term in 
December of 1991. 

The Court of Appeals for the Federal Circuit has noted in the case of Lindemann 
Maschinenfabrik GMBH v. American Hoist & Derrick, 221 USPQ 481, 485 (Fed. Cir. 1984) that 
"[ajnticipation requires the presence in a single prior art reference disclosure of each and every 
element of the claimed invention, arranged as in the claim." Thus, in view of the above, it is 
incumbent upon the Examiner to establish how or where the cited prior art reference Esbensen 
discloses or contains a suggestion to include a malware scanner in a network bridge. It is noted that 
Esbensen is a network surveillance system and not necessarily a bridge. 
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Figure 1 of Esbensen shows the network surveillance system connected at a single point to 
the communications channel 5. There is no network bridge as defined in the present specification or 
as defined in the "internet" sense of interconnecting two computer networks or computer network 
segments. In fact there is no "bridge," even in the ordinary dictionary definition, i.e., "to join by a 
bridge" (Webster's Ninth New Collegiate Dictionary page 179). Esbensen's network surveillance 
system simply does not join or provide a bridge between two of anything, whether they are 
networks, network segments or anything else. Moreover, Applicants note that while Figure 3 uses 
the term "bridge," there is no discussion of the use of any bridge or the combination of any bridge 
with a malware scanner disclosed or discussed in the Esbensen patent. 

It is also noted that while network bridges by themselves are known, it is normal design 
practice by those of ordinary skill in the art make such bridges as simple and fast as possible. It is 
desirable that they be simple and fast in order to not significantiy constrain the network performance 
of the system in which they are utilized (present application, page 4, lines 1-6). As noted in 
Applicants' specification, the presently claimed invention moves against this prior art suggestion by 
recognizing that in many circumstances where malware scanning is required, the absolute level of 
network performance is far less critical than otherwise might be considered necessary. It is better to 
slow the networks' operation slightly in order to catch and block malware from being transported 
between networks or network segments. Thus, the prior art suggestion that a network bridge should 
be "as simple and as fast as possible" clearly teaches away from Applicants' claimed invention 
which specifies that the malware scanner is part of the network bridge. 

Importantly, it should also be noted that while Esbensen is concerned about malware, he 
only provides passive surveillance of a network and can only generate an alert upon the sensing of 
malware. Since Esbensen is not a "bridge" (network or otherwise) he cannot stop or block the 
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transmission of malware. Esbensen is limited only to generating an alert with respect to malware 
which has been sensed during the surveillance of the single network to which he is applied. 

In accordance with the above, it is clear that Applicants' independent claims require some 
association with a "network bridge" and that the term in turn requires two networks or network 
segments between which there is communication by way of the bridge. Applicants' invention in 
providing that network bridge with a malware scanner serves not only to monitor or surveil 
internetwork communications (as may be possible with Esbensen), but also to block malware from 
being passed between networks or network segments (which is not disclosed or even possible with 
Esbensen). While the former can be accomplished by the Esbensen patent, the latter certainly 
cannot be, and indeed there is no disclosure of any such ability to stop or block malware 
transmission. Accordingly, because Esbensen fails to teach structure or method steps recited in 
Applicants' independent claims, there is no support for any rejection under 35 USC §102 or §103 of 
claims 1-5,7-15, 17-24, 26 and 27 over the Esbensen reference and any further rejection thereunder 
is respectfully traversed. 

Claims 6, 16 and 25 stand rejected under 35 USC §103 as unpatentable over Esbensen in 
view of Donaldson (U.S. Patent 6,321,267). The above comments distinguishing Applicants' 
independent claims from the Esbensen reference are herein incorporated by reference. There 
appears to be no allegation that the Examiner believes the Donaldson reference to teach the 
"network bridge" missing from the Esbensen reference. If the "network bridge" is not taught in at 
least one of the cited prior art patents, even the combination of those patents will not disclose or 
render obvious Applicants' claimed network bridge. Moreover, the Examiner has not pointed out 
how or why Donaldson teaches away from the Esbensen reference of teaching a surveillance 
system, rather than a network bridge. Further, there is no indication as to why or how one of 
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ordinary skill in the art would combine features of the Esbensen and Donaldson references in the 
manner of Applicants' independent claims, let alone Applicants' dependent claims 6, 16 and 25. 
Accordingly, any further rejection of claims 6, 16 and 25 as being obvious over the 
Esbensen/Donaldson combination is respectfully traversed. 

Having responded to all objections and rejections set forth in the outstanding Official 
Action, it is submitted that pending claims 1-27 are in condition for allowance and notice to that 
effect is respectfully solicited. In the event the Examiner is of the opinion that a brief telephone or 
personal interview will facilitate allowance of one or more of the above claims, he is respectfully 
requested to contact Applicants' undersigned representative. 



Respectfully submitted. 




SCS:kmm 

1100 North Glebe Road, 8th Floor 
Arlington, VA 22201-4714 
Telephone: (703)816-4000 
Facsimile: (703) 816-4100 

Enclosures: Exhibits 1-4 
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